* more renames :/

* improve qmi-network service

debian/bullseye/systemd/network/10-eth0.network

@@ -0,0 +1,53 @@
+[Match]
+Name=eth0
+
+## Only use one of these blocks!!
+
+### DHCP (default most want)
+[Network]
+DHCP=yes
+
+DNSOverTLS=opportunistic
+
+DNS=1.1.1.1
+
+DNS=1.0.0.1
+
+# Link discovery causes some issues so disable it.
+LLDP=no
+
+## dhcp config end
+
+## LAN
+# Uncomment all below if you want to use eth0 as a lan network.
+#[Network]
+# IP address range.
+#Address=192.168.156.1/24
+
+# Packet forwarding.
+#IPForward=yes
+
+# Masquerade.
+#IPMasquerade=both
+
+# Link discovery causes some issues so disable it.
+#LLDP=no
+
+#[DHCPServer]
+
+# Lease time
+#DefaultLeaseTimeSec=300
+
+# DNS to serve
+#DNS=1.1.1.1 
+#DNS=1.0.0.1
+
+# Enable serving of DHCP addresses from the network range.
+#DHCPServer=yes
+
+# Below not supported systemd < 250
+#[DHCPServerStaticLease]
+#MACAddress=xx:xx:xx:xx:xx:xx
+#Address=192.168.156.2
+
+## lan end

debian/bullseye/systemd/network/30-wwan0.network

@@ -0,0 +1,14 @@
+[Match]
+Name=wwan0
+
+[Network]
+DHCP=yes
+
+DNSOverTLS=opportunistic
+
+DNS=1.1.1.1
+
+DNS=1.0.0.1
+
+# Link discovery causes some issues so disable it.
+LLDP=no

debian/bullseye/systemd/network/50-usb0.network

@@ -0,0 +1,14 @@
+[Match]
+Name=usb0
+
+[Network]
+DHCP=yes
+
+DNSOverTLS=opportunistic
+
+DNS=1.1.1.1
+
+DNS=1.0.0.1
+
+# Link discovery causes some issues so disable it.
+LLDP=no

debian/bullseye/systemd/network/60-wlan0.network

@@ -0,0 +1,15 @@
+# Requires /etc/wpa_supplicant/wpa_supplicant-wlan0.conf to exist.
+[Match]
+Name=wlan0
+
+[Network]
+DHCP=yes
+
+DNSOverTLS=opportunistic
+
+DNS=1.1.1.1
+
+DNS=1.0.0.1
+
+# Link discovery causes some issues so disable it.
+LLDP=no

debian/bullseye/systemd/network/70-wgs0.netdev

@@ -1,12 +1,18 @@
 [NetDev]
 Name=wgs0
 
+Description=Wireguard Server Peer
+
 Kind=wireguard
 
 [WireGuard]
 
 # Port to listen on.
-ListenPort=31987
+ListenPort=500
+
+# I usually set this to the port number above it's not really needed
+# but useful for firewalls.
+FirewallMark=500
 
 # The Base64 encoded private key for the interface. It can be generated
 # using the wg genkey command (see wg(8)). This option or
@@ -14,8 +20,11 @@ ListenPort=31987
 # information is secret, you may want to set the permissions of the
 # .netdev file to be owned by "root:systemd-network" with a "0640" file
 # mode.
-PrivateKey=<YOUR KEY HERE>
+PrivateKey=<KEY>
 
+# Public key for the above private key. Only here as a reminder.
+# systemd will ignore if uncommented.
+#PublicKey=<PUBKEY>
 
 # Your Peers.
 [WireGuardPeer]
@@ -23,10 +32,10 @@ PrivateKey=<YOUR KEY HERE>
 # Base64 encoded public key calculated by wg pubkey (see wg(8)) from a
 # private key, and usually transmitted out of band to the author of the
 # configuration file. This option is mandatory for this section.
-#PublicKey=<YOUR KEY HERE>
+PublicKey=<KEY>
 
 # Comma-separated list of IP addresses with CIDR masks from which this
 # peer is allowed to send incoming traffic and to which outgoing traffic
 # for this peer is directed.
-#AllowedIPs=10.0.0.2/32
+AllowedIPs=10.0.0.1.2/32
 

debian/bullseye/systemd/network/71-wgs0.network

@@ -0,0 +1,8 @@
+# Needs netdev for wgs0, wireguard & wireguard-tools installed to work.
+
+[Match]
+Name=wgs0
+
+[Network]
+Address=10.0.0.1/24
+IPForward=true

debian/bullseye/systemd/network/80-wg0.netdev

@@ -1,29 +1,37 @@
 [NetDev]
 Name=wg0
 
+Description=Wireguard Client Peer
+
 Kind=wireguard
 
 [WireGuard]
 
+# I usually set this to the port number of the main peer it's not really
+# needed but useful for firewalls.
+FirewallMark=500
+
 # The Base64 encoded private key for the interface. It can be generated
 # using the wg genkey command (see wg(8)). This option or
 # PrivateKeyFile= is mandatory to use WireGuard. Note that because this
 # information is secret, you may want to set the permissions of the
 # .netdev file to be owned by "root:systemd-network" with a "0640" file
 # mode.
-PrivateKey=<YOUR KEY HERE>
+PrivateKey=<KEY>
+
+# Public key for the above private key. Only here as a reminder.
+#PublicKey=<PUBKEY>
 
 # DNS
 DNS = 1.1.1.1, 1.0.0.1
 
-
 # Your Peers.
 [WireGuardPeer]
 
 # Base64 encoded public key calculated by wg pubkey (see wg(8)) from a
 # private key, and usually transmitted out of band to the author of the
 # configuration file. This option is mandatory for this section.
-#PublicKey=<YOUR KEY HERE>
+PublicKey=<PUBKEY>
 
 # Comma-separated list of IP addresses with CIDR masks from which this
 # peer is allowed to send incoming traffic and to which outgoing traffic
@@ -33,4 +41,4 @@ AllowedIPs=0.0.0.0/0, ::/0
 PersistentKeepalive=20
 
 # Endpoint of a peer (for clients).
-#Endpoint=<ip>:<port>
+#Endpoint=<IP>:<PORT>

debian/bullseye/systemd/network/81-wg0.network

@@ -2,3 +2,11 @@
 
 [Match]
 Name=wg0
+
+[Address]
+Address=10.0.0.2/24
+
+[Route]
+Gateway=10.0.0.1
+
+GatewayOnlink=true

debian/bullseye/systemd/network/README.md

@@ -10,9 +10,7 @@ Say I have eth0 and want network access (and an IP via DHCP) from my router; I w
 
 ```
 sudo -s # Drop to root.
-cp -rv eth0* /etc/systemd/network/ # Copy the files.
-
-cat examples/dhcp.conf >> /etc/systemd/network/eth0.network # Append example dhcp to eth0.network
+cp -rv 10-eth0* /etc/systemd/network/ # Copy the files.
 
 systemctl enable --now systemd-networkd # Enable networkd now.
 

debian/bullseye/systemd/network/eth0.network

@@ -1,2 +0,0 @@
-[Match]
-Name=eth0

debian/bullseye/systemd/network/examples/README.md

@@ -0,0 +1 @@
+systemd-network configuration examples for use in other .net* files!

debian/bullseye/systemd/network/examples/static.conf

@@ -1,37 +1,40 @@
-[Route]
-
-# v4
-Gateway=<IPv4>
-
-# v6
-Gateway=<IPv6>
-
-# Not always needed but here just in case.
-#GatewayOnLink=yes
-
 [Network]
-
-# v4
-Address=<IPv4>/prefix
-
-# v6
-Address=<IPv6>/prefix
-
-
-# DNS
-# 1.1.1.1 / 1.0.0.1 / 2606:4700:4700::1111 / 2606:4700:4700::1001
-# are Cloudflare
+# Put global network options here.
 DNSOverTLS=opportunistic
 
-# v4
-DNS=1.1.1.1
-
-DNS=1.0.0.1
-
-# v6
-DNS=2606:4700:4700::1111
-DNS=2606:4700:4700::1001
-
 # Link discovery causes some issues so disable it.
 LLDP=no
 
+# IPv6 - must come before IPv4, or some weird things happen.
+[Route]
+# v6
+Gateway=<IPv6>
+
+# Not always needed but here just in case.
+GatewayOnLink=yes
+
+[Network]
+Address=<IPv6>/prefix
+
+# DNS
+# Cloudflare 2606:4700:4700::1111 / 2606:4700:4700::1001
+DNS=2606:4700:4700::1111
+DNS=2606:4700:4700::1001
+
+# IPv4
+[Route]
+Gateway=<IPv4>
+
+# Not always needed but here just in case.
+GatewayOnLink=yes
+
+[Network]
+# v4
+Address=<IPv4>/prefix
+
+# DNS
+# Cloudflare 1.1.1.1 / 1.0.0.1
+DNS=1.1.1.1
+
+DNS=1.0.0.1
+

debian/bullseye/systemd/network/usb0.network

@@ -1,2 +0,0 @@
-[Match]
-Name=usb0

debian/bullseye/systemd/network/wgs0.network

@@ -1,4 +0,0 @@
-# Needs wgs0.netdev & wireguard & wireguard-tools installed to work.
-
-[Match]
-Name=wgs0

debian/bullseye/systemd/network/wlan0.network

@@ -1,3 +0,0 @@
-# Requires /etc/wpa_supplicant/wpa_supplicant-wlan0.conf to exist.
-[Match]
-Name=wlan0

debian/bullseye/systemd/network/wwan0.network

@@ -1,2 +0,0 @@
-[Match]
-Name=wwan0

debian/bullseye/systemd/system/qmi-network@.service

@@ -17,19 +17,18 @@ Wants=sys-subsystem-net-devices-wwan%i.device
 [Service]
 Type=simple
 Restart=always
-RestartSec=300s
-TimeoutSec=300s
+TimeoutSec=240s
 
+ExecStartPre=-qmi-network /dev/cdc-wdm%i stop
+ExecStartPre=-rm /tmp/qmi-network-state-cdc-wdm%i 
 ExecStartPre=networkctl down wwan%i
 ExecStartPre=sh -c "echo 'Y' | tee /sys/class/net/wwan%i/qmi/raw_ip"
-
-# Add any qmi-network options here as needed.
 ExecStartPre=qmi-network /dev/cdc-wdm%i start
-
-
 ExecStartPre=networkctl up wwan%i
-ExecStart=sh -e -c "while true; do ping -w 120 -I wwan%i -c 5 one.one.one.one || exit 1; sleep 240; done;"
 
+ExecStart=sh -e -c "sleep 30; while true; do ping -w 120 -I wwan%i -c 5 one.one.one.one || exit 1; sleep 300; done;"
+
+ExecStop=-rm /tmp/qmi-network-state-cdc-wdm%i
 ExecStop=networkctl down wwan%i
 ExecStop=qmi-network /dev/cdc-wdm%i stop